List Archive: gentoo-releng
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
I don't care so much about this security issue because assuming that
you are using a function in a scope shared by the rc scripts and
haven't hard coded the way to read such arguments in every rc-script,
it would be trivial to add some security measures later on.
However from a alternative platform/architecture point of view I have
to note that at least a kernel dependent strategy might be needed here.
I wonder whether kernels such as for instance the hurd pass arguments
the same way as a linux kernel and whether newer linux kernel releases
might not change this process, thus requiring different rc scripts for
each kernel while only a different runtime strategy is needed.
Currently not an urgent issue, but we'll have to take this into
On 17 Jan 2004, at 18:06, Brad House wrote:
> no, the rcscripts must now parse the kernel commandline opts
> to get a few options. There's really not many other ways to
> do it. Besides you just proved by your statement that someone
> could instead pass init=/bin/sh and override any sort of
> init process, so trying to make the 'cdroot' option secure
> is obsurd, as there's 10 million other ways to get in if you
> have direct access to the computer.
email@example.com mailing list